Follow us on Twitter!
I'd prefer to die standing, than to live on my knees - Che Guevara
Friday, April 18, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 24
Guests Online: 22
Members Online: 2

Registered Members: 82825
Newest Member: bulmers
Latest Articles
View Thread

HellBound Hackers | Challenges | Realistic

Author

Real 8 - Dictionary


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 30-04-06 09:03
I created my bruteforcer but I'm now stuck because my dictionary didn't find anything. What dictionarys did people use or am I wrong in thinking username = admin




Edited by rex_mundi on 26-03-13 14:25
Author

RE: Real 8 - Dictionary?


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 13-05-06 20:43
lol whops...




Edited by on 13-05-06 20:44
Author

RE: Real 8 - Dictionary?


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 25-05-06 05:14
Just use a buffer Overflow


Author

RE: Real 8 - Dictionary?


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 25-05-06 08:23
stax wrote:
Just use a buffer Overflow


That didn't answer his question.

I've got a dictionary that I haven't tested for this challenge, but I assume it works because it was recommended in one of the other threads. If you can't find the thread, PM me for it. Did you use PHP/cURL for your brute forcer? HBH seemed to time out every time i tried mine and i was only able to get about 100 words in each time.


Author

RE: Real 8 - Dictionary?


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 25-05-06 10:49
I didnt used anything but my browser...

"ping is a work tool"

Answering correctly
Real 8 - Dictionary?

Nop, at least I didn't needed that.


Author

RE: Real 8 - Dictionary?


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 25-05-06 10:59
I just submitted article. I will post it here so you dont have to wait. But if you use my method or appreciate it, please leave comments. I had it on my old account but it got removed.

Realistic 8

This is a guide on how to complete Realistic Challenge 8

Okay i read another article on this challenge which had some code and spoke about cURL and php etc...
That isn't the only way you can complete this challenge.

I recommend you Google > 'Buffer Overflow' for more information.

Buffer overflow:-
'Buffer overflows may cause a process to crash or produce incorrect results. They can be triggered by inputs specifically designed to execute malicious code or to make the program operate in an unintended way. As such, buffer overflows cause many software vulnerabilities and form the basis of many exploits. Sufficient bounds checking by either the programmer or the compiler can prevent buffer overflows.' Wikipedia

In a scenario like this one, to determine if it is buffer overflow vulnerable then you would put in the correct username,
a random password and keep refreshing as fast as possible, (Hint// using firefox hitting F5 then enter works a treat)

Once you have promptly refreshed the page about 20 something times then the data is corrupted and it goes in your favour.
Now you are logged in, time to complete the rest of the challenge.

Please comment and rate this article
Feel free to PM if you need extra help

The_Flash


Author

RE: Real 8 - Dictionary?


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 28-05-06 04:41
wtf ?! Can't we post if we are not logged in ?!

Check what the_flash posted :




Member

Posts:
Location:
Joined: 01.01.70
Ranking: Newbie


1st) No posts
2nd) Unix timestamp date, not the time when he posted


(I know it as nothing to do with it, but, its strange !Shock (Bug ?) )




Edited by on 28-05-06 17:24